A.P. Lawrence

Information and Resources for Unix and Linux Systems
Bloggers and the self-employed

Get APLawrence.com by RSS

Home
Kerio
Sections
- MacOSX
- Linux
- Blogging
- Self-Employment
- Support
Contents
- Most Popular
- Browse All Topics
- Newest Articles
- Random Page
- Surveys
Tests
- Linux
- Mac OS X
- SCO Unix
- Perl
Resources
- Site Forum
- Write for this site
- Find a Consultant
- Contact Info
- RSS Feeds
- Store
- Advertise Here
- Disclaimer
Help
- About
- Rates
- Copyrights
- Contact
- Support

(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Kerio Reseller
Printer Friendly Version

PPTP VPN, and weak passwords

(Traditional format)

Wed Dec 22 13:02:54 2004 PPTP VPN, and weak passwords
Posted by Bruce Garlock

I use a VPN to connect to work. I run a PPTP server on Linux, at my firewall, for our remote users to connect from home to our work network. As has been explained before, PPTP has had it's share of security issues. I came across this link today, which has some good information on the insecure passwords used by a PPTP server.

Hate these ads?

http://blogs.zdnet.com/Ou/index.php?p=21

I still need to do some testing against my PPTP server, since it is not MS based, and based off of OpenSource products. The PPTP server I use on my linux box is located here: http://poptop.org/

I have it configured so that only 128 bit encrypted connections are allowed, with MS-CHAP2 password authentication only. I hope after using some of the tools listed in the zdnet article show that I am safe, but if not, then it is time to start researching other VPN's for our users.

Usually after tools like this are released, it's only a matter of time before a trojan horse, or worm is released to uncover exposed systems.

--BruceGarlock

Comments /Blog/B1210.html

Sun Jul 10 03:48:42 2005: Subject: anonymous

You should use a proxy on your firewall.
A good one is here : http://www.mgix.com/pptpproxy

Add your comments

Why no "Digg this!" etc.?

Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Lone-Tar Backup and Disaster Recovery
for Linux and Unix

Printer Friendly Version

Views for this page
Today	This Week	This Month	This Year	Overall
3	5	27	654	3,357

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Printer Friendly Version

More:

- Administration

- Linux

- Unix

- Security

- Blog

Unix/Linux Consultants

Your ad here - $24.00 yearly!

http://thatitguy.com Business networking servers, Linux and Unix experts. In business since 1997! Windows and Exchange to Samba and Scalix migration experts.

UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.

http://www.m3ipinc.com Security, firewalls, ids, audits, vulnerability assesments, BS7799, HIPAA, GLB, incident handling

Coming Attractions

My Favorites

Publish your articles, comments, book reviews or opinions here!